Reddit has been hacked in a phishing attack targeting its employees

Reddit employee credentials were stolen in a purported phishing attack, the site’s administrator has disclosed, and hackers were able to break into its systems on February 5. Apparently, Reddit employees received a “reasonable-sounding prompt” that led to a website mimicking the look, feel and behavior of its intranet gateway, designed to steal people’s logins and second-factor tokens. One employee fell for the scheme but immediately self-reported. That allowed the site’s security team to respond quickly and cut off the intruders’ access.
A Reddit spokesperson said the bad guys were able to access some “internal documentation, code, as well as some internal dashboards and business systems”. Contact information for hundreds of company contacts, current and former employees, as well as some advertisers was also exposed. However, the spokesperson assured users that the security team investigating the incident found no evidence that their passwords or any other private data had been compromised. The team also found no evidence that the information stolen from Reddit has been distributed online, at least at this point in the investigation.
A Reddit spokesperson said the site is “continuing to investigate and monitor the situation closely.” They also say that the lessons they learned from a security breach five years ago continue to be useful. While this time the attackers were only able to steal some non-user information, the 2018 breach was a much more serious incident. In that earlier breach, bad guys were able to get a user’s current email address, as well as a backup of a database from 2007 that contained account passwords.